urlscan.io logo urlscan.io
SecurityTrails logo

credit.kohls.com Open in urlscan Pro
66.22.20.103  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.t.kohls.com/?qs=4d25bedc6e8894ff821aa9756dc901b56d9119cc615eab68c518e2692cbac0bae2ca9e79ac5b60afd573cff1bdd2...
Effective URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Submission: On February 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 35 HTTP transactions. The main IP is 66.22.20.103, located in United States and belongs to RADWARE-CLOUD-SERVICES, US. The main domain is credit.kohls.com. The Cisco Umbrella rank of the primary domain is 174063.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 2nd 2023. Valid for: a year.
This is the only time credit.kohls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    128.17.96.250 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.email.travelinsurancepartners.com.au
click.t.kohls.com
9    66.22.20.103 (United States)

ASN25773 (RADWARE-CLOUD-SERVICES, US)
credit.kohls.com
13    2600:9000:214f:9200:0:ed0d:63c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3ksttzjeov72n.cloudfront.net
1    2600:9000:2204:3e00:1b:64b0:3080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.firstdata.com
2    2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
684dd328.akstat.io
1    104.18.115.97 (None, )

ASN- ()
ipv4.icanhazip.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a02:26f0:3500:991::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.in
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5167d851f111efbe284d592d30cd46ee.safeframe.googlesyndication.com
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
13 cloudfront.net
d3ksttzjeov72n.cloudfront.net
779 KB
10 kohls.com
click.t.kohls.com — Cisco Umbrella Rank: 192670
credit.kohls.com — Cisco Umbrella Rank: 174063
37 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
5167d851f111efbe284d592d30cd46ee.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
43 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
130 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 122
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1581
c.go-mpulse.net — Cisco Umbrella Rank: 683
52 KB
1 akstat.io
684dd328.akstat.io — Cisco Umbrella Rank: 72158
202 B
1 google.co.in
adservice.google.co.in — Cisco Umbrella Rank: 42296
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 9299
384 B
1 firstdata.com
cdn.firstdata.com — Cisco Umbrella Rank: 117677
49 KB
35 10
Domain Requested by
13 d3ksttzjeov72n.cloudfront.net credit.kohls.com
d3ksttzjeov72n.cloudfront.net
9 credit.kohls.com 6 redirects d3ksttzjeov72n.cloudfront.net
4 pagead2.googlesyndication.com s.go-mpulse.net
tpc.googlesyndication.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net d3ksttzjeov72n.cloudfront.net
s.go-mpulse.net
1 684dd328.akstat.io s.go-mpulse.net
1 www.google.com tpc.googlesyndication.com
1 5167d851f111efbe284d592d30cd46ee.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.in securepubads.g.doubleclick.net
1 c.go-mpulse.net s.go-mpulse.net
1 ipv4.icanhazip.com d3ksttzjeov72n.cloudfront.net
1 s.go-mpulse.net credit.kohls.com
1 cdn.firstdata.com credit.kohls.com
1 click.t.kohls.com 1 redirects
35 15

This site contains links to these domains. Also see Links.

Domain
www.kohls.com
apply.kohls.com
Subject Issuer Validity Valid
credit.kohls.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-02 -
2024-07-02		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cdn.firstdata.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-02 -
2024-06-24		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google.co.in
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Frame ID: E37961C33605D0E60F42D30516DA06F9
Requests: 27 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Frame ID: 7A872F2E308477E79D5E7AAC2DD114BF
Requests: 2 HTTP requests in this frame

Frame: https://5167d851f111efbe284d592d30cd46ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 13A1FB28E1E52CA5DE1E4B984432B14E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 91CA1E88F644359855A2BE0EF078F35B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A07594041F39F02DB7610D517307CD4B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

eCustomer Service

Page URL History Show full URLs

  1. https://click.t.kohls.com/?qs=4d25bedc6e8894ff821aa9756dc901b56d9119cc615eab68c518e2692cbac0bae2ca9e79... HTTP 302
    https://credit.kohls.com/eCustService/?om_mid=_Account_Lockout&om_etid=543613329&utm_source=TRA&utm_m... HTTP 301
    https://credit.kohls.com/ HTTP 303
    https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
    https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

35
Requests

97 %
HTTPS

79 %
IPv6

10
Domains

15
Subdomains

13
IPs

3
Countries

1085 kB
Transfer

3213 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.t.kohls.com/?qs=4d25bedc6e8894ff821aa9756dc901b56d9119cc615eab68c518e2692cbac0bae2ca9e79ac5b60afd573cff1bdd244630ceb8d8b712c46b5 HTTP 302
    https://credit.kohls.com/eCustService/?om_mid=_Account_Lockout&om_etid=543613329&utm_source=TRA&utm_medium=ET&utm_term=543613329&utm_content=862088&utm_campaign=_Account_Lockout&mi_u=543613329 HTTP 301
    https://credit.kohls.com/ HTTP 303
    https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
    https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif HTTP 301
  • https://credit.kohls.com/ HTTP 303
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
credit.kohls.com/ecs/auth/
Redirect Chain
  • https://click.t.kohls.com/?qs=4d25bedc6e8894ff821aa9756dc901b56d9119cc615eab68c518e2692cbac0bae2ca9e79ac5b60afd573cff1bdd244630ceb8d8b712c46b5
  • https://credit.kohls.com/eCustService/?om_mid=_Account_Lockout&om_etid=543613329&utm_source=TRA&utm_medium=ET&utm_term=543613329&utm_content=862088&utm_campaign=_Account_Lockout&mi_u=543613329
  • https://credit.kohls.com/
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
89bfc0327275c1288763c5c83878afb79e582e444c0fd6866a663f498f600b2b
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MmZjMWRjMjItNjdhMi00OTdlLWFjYmEtOWE4ODQ1NTJiOTA4'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MmZjMWRjMjItNjdhMi00OTdlLWFjYmEtOWE4ODQ1NTJiOTA4'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 18:46:08 GMT
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
expires
-1d

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Security-Policy
default-src 'none'
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 18:46:07 GMT
Location
/ecs/auth/?cid=AAAA4151001
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
expires
-1d
bootstrap.min_4.6.0.css
d3ksttzjeov72n.cloudfront.net/assets/stylesheets/global/ 		156 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/stylesheets/global/bootstrap.min_4.6.0.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 04:29:10 GMT
x-amz-version-id
qKHsUnnKFMZgAt9pGqwlddnt6MlR1sEr
content-encoding
br
last-modified
Thu, 08 Jun 2023 04:23:14 GMT
server
AmazonS3
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"258faa3208373250ffe729418435d270"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
51419
x-amz-cf-id
EzLysgQZ2PCfgTyIcHQInqkhoEu3waARD9An8gNi3p17gCEEAne2dA==
fontawesome-all.min.css
cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/ 		49 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/fontawesome-all.min.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:3e00:1b:64b0:3080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
z0BouNAw_Ue0nfki3a47GipUh4LG9Ovr
date
Tue, 20 Feb 2024 07:54:38 GMT
via
1.1 66dd60a280ca9f6b133d158ccf4dd40a.cloudfront.net (CloudFront)
last-modified
Thu, 30 Apr 2020 21:40:09 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
42820
x-amz-server-side-encryption
AES256
etag
"fa458861897529425cdf08dffe6146a4"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
49945
x-amz-cf-id
KIzqtzNzphj9r6DobN4oIdbbR87IMJqIYVLOagFxuEY-mzEAhf6RRg==
published_main_13.css
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/ 		1 KB
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/published_main_13.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:40:32 GMT
x-amz-version-id
qBmca3nvlJBew.nyV4JoTL4LZHwO7Bp_
content-encoding
br
last-modified
Fri, 30 Jul 2021 14:03:53 GMT
server
AmazonS3
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"3427d8d110efae5852b0b0560554321e"
x-amz-server-side-encryption
AES256
x-amz-meta-x-amz-meta-title
/ecs/banks/AAAA4151001/templates/cfi/saved_main.css
vary
Accept-Encoding
content-type
text/css
x-cache
Hit from cloudfront
age
32737
x-amz-cf-id
DncVuCF0Gl0O71FPBsxSuOZ_bA-GRClgyuoDpjTw4SnlzUTMNL5jWA==
auth_styles.min.css
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/ 		741 KB
123 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a5b17b74cd096238de6258647f657d617e70b47de248d17c30d5a5e2506e9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
P9Qr9sTIX8go1SkCU2kr2yZkTErgBdTR
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
date
Tue, 20 Feb 2024 06:26:48 GMT
last-modified
Thu, 15 Feb 2024 07:06:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
44361
x-amz-server-side-encryption
AES256
etag
W/"3409f176cc52c33e4932747df37404d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
ah-tfngCBp8Vk2YmOVLC3u6BUvE4T9ZcTlOTQm2tAW_uJkGKvWxqhQ==
gpt.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/gpt.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa1149c66184468251c5473efba5a11aff90c2f2ccc54f8718e7f7f3db7ec588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
sw8UIagSNibnV6vbXISR5MrzjD1ZKTM1
content-encoding
br
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
date
Tue, 20 Feb 2024 10:29:56 GMT
last-modified
Tue, 15 Nov 2022 05:21:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
29773
x-amz-server-side-encryption
AES256
etag
W/"6f0cfa073491f604b69aae9d1d9768aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Nzh60-n4u_nbE39Rn1cG9S8fbTQGErxPAGSGJLtoSkkf4sMe_DtPzg==
auth-bundle.min.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/ 		1003 KB
237 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3db05c951fc1d302d25e8cb90191cb526cd0569fc1e2a4a1c85288ed9dae3e9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
FIEtIp8oOcRvahc0Dtsq63s4YVKGEQdu
content-encoding
br
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
date
Tue, 20 Feb 2024 08:03:30 GMT
last-modified
Thu, 15 Feb 2024 07:05:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
38559
x-amz-server-side-encryption
AES256
etag
W/"5b76ab3b794d63d67b07fb9c7a4dd10b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dVjwDoleS6R5G3TVR3Dn3lL57_5AeyUlZz1LmBKkREpML-M6174nGg==
3H6HN-HCW87-4HZF3-YWYL6-C7HHH
s.go-mpulse.net/boomerang/ Frame 7A87 		209 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4e973e1b8e6b798931086cf372b83e40c417e33c0922087dad0eb2f89fa891ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:46:09 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Tue, 02 Jan 2024 20:16:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
52061
/
ipv4.icanhazip.com/ 		16 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.115.97 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9ead6501fd0c9db5651c81cdc5e11c5331a41b0fa0d04b83c5eeb4b85e7bcd99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:46:09 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
8588e922c8cc90d6-FRA
alt-svc
h3=":443"; ma=86400
content-length
16
pubads_impl_2022101301.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 13:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131264
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:30:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Feb 2025 13:09:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		135 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=credit.kohls.com
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2c06b9c01c888e2d493446ed94fca45875968b64a95f2b3dbabfc69098bc4eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
x-xss-protection
0
expires
Tue, 20 Feb 2024 18:46:09 GMT
OpenSans-Regular.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Regular.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2

Request headers

Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Origin
https://credit.kohls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 04:29:11 GMT
x-amz-version-id
bhMbwpUWcqLtDOgd1mfKPZUQKvETAjyX
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
51418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
96428
last-modified
Thu, 11 Aug 2022 04:32:04 GMT
server
AmazonS3
etag
"5a798cdadc7cd321e3f72425b70bface"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
9MnLZF0EgCv-JfVGzsmT84MvVHsvt76FtMs0qsEdQHc3tAtLaFYB1g==
OL_ENGINE.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/OL_ENGINE.js
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
BEmKnWNl75lQFiNSVWXt0ioKe672fz.P
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
date
Tue, 20 Feb 2024 03:37:57 GMT
last-modified
Wed, 09 Jun 2021 19:39:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
54493
x-amz-server-side-encryption
AES256
etag
W/"baabad5b06edc9b1df65a8f29d3ffe5d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
RCdh1TQF3yWYZdTxpBrgJg_24ze4iK1B2nHJivh3yZy7B-PH-bTxCA==
OL_CONF_INLINE.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/OL_CONF_INLINE.js
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 04:29:11 GMT
x-amz-version-id
5XI841_4pGVoFQ63A8UbHoqoM5f334jC
content-encoding
br
last-modified
Wed, 09 Jun 2021 19:39:34 GMT
server
AmazonS3
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"530d4cdedab8e19176884727de612674"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
51419
x-amz-cf-id
VuW4sO7QfI1J1-cNhNcWiqkvUzLKl8ZTqLjG3xDzUwWHjCYN9tiYhg==
AAAA4151001
credit.kohls.com/ecs/auth/api/config/ 		93 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/api/config/AAAA4151001?language=en_US
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
d72b3fdc0a82b33f62594b993241dc2a6fa693bc2a09bfd3cbe79b2a14666e72
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-NmVkZjMyMDQtNGY3My00ZGJlLTgxNGEtN2E1YTY2NGNkOTUx'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

preferredLanguage
EN
Accept
application/json, text/plain, */*
activityDateTime
2024-02-20T19:46:09+01:00
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
accept-language
de-DE,de;q=0.9
ipAddress
178.162.209.131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-NmVkZjMyMDQtNGY3My00ZGJlLTgxNGEtN2E1YTY2NGNkOTUx'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Date
Tue, 20 Feb 2024 18:46:09 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"17315-hS6ClyP0VvmDC/ST9/l+ovYX0oY"
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, no-store, must-revalidate
expires
-1d
/
credit.kohls.com/ecs/auth/
Redirect Chain
  • https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif
  • https://credit.kohls.com/
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MWUzNTVhYzctMjQxOC00MjQxLTgxZTQtMmYxYTllMTg4Yjg1'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MWUzNTVhYzctMjQxOC00MjQxLTgxZTQtMmYxYTllMTg4Yjg1'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Date
Tue, 20 Feb 2024 18:46:10 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
expires
-1d

Redirect headers

Content-Security-Policy
default-src 'none'
Date
Tue, 20 Feb 2024 18:46:09 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
/ecs/auth/?cid=AAAA4151001
Cache-Control
no-cache, no-store, must-revalidate
expires
-1d
config.json
c.go-mpulse.net/api/ Frame 7A87 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=3H6HN-HCW87-4HZF3-YWYL6-C7HHH&d=credit.kohls.com&t=5694849&v=1.766.0&if=&sl=0&si=6d31a369-313b-44c1-a9db-601d21a1085c-s9644v&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:991::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a83d91220814b3e0b30c051e94c211469972fec212cf8f2220ad014ce4057bd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 18:46:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1054
OpenSans-SemiBold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-SemiBold.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104

Request headers

Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Origin
https://credit.kohls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 13:55:51 GMT
x-amz-version-id
EVuKfqftIUSq8D4VCw1jTX1jQKm5r5_K
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
17419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
100256
last-modified
Thu, 11 Aug 2022 04:32:08 GMT
server
AmazonS3
etag
"096d8c73bb18e4328284f25138b47ac6"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
Rhvy8ewjSm4kjJ4NckgWP6AXZXk1YKpIvSYoWeb277dbo1nFa6kuoA==
OpenSans-Bold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		101 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Bold.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199

Request headers

Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Origin
https://credit.kohls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:37:47 GMT
x-amz-version-id
nUKUekj8ArdJHhoBL0vGfyN1uodHat23
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
40103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
103616
last-modified
Thu, 11 Aug 2022 04:31:43 GMT
server
AmazonS3
etag
"0062c34665a3fc0f2278cd4e955702ec"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
PyBumw-Whkz_nG-yYtWZmQ4GAvb_oOfr8ZqK7EUB8jWvtdy_nTvFLQ==
LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
OoGFlH5pOQnYl1Y8oka0OwHtpKMYun4T
date
Tue, 20 Feb 2024 09:03:34 GMT
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:57:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
34956
x-amz-server-side-encryption
AES256
etag
"d3ef2a1238f2c7a80fe17f03f277aacb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
54955
x-amz-cf-id
8VKqg4atP4EnqvN1iZm6wmiji5OfB9Pt8JVZA8p6FumjqNddMjRH_g==
not-visible.svg
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/ 		992 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/not-visible.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
tQeT04l3xpkhZn0F0CCDj1tkPm_onaXR
date
Tue, 20 Feb 2024 09:01:37 GMT
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Thu, 11 Aug 2022 04:37:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
35073
x-amz-server-side-encryption
AES256
etag
"6fce3ff9699a8ccf4c184be7b2ae8e9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
992
x-amz-cf-id
c5xC8NQbB-O-bvksGQnp_OpdSj4m1MozPvyw_pIIrhEX4Tlpua8Vxw==
LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 04:29:12 GMT
x-amz-version-id
NhqLAlKuOQnJQapzoCD0jNza90AjFrK6
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:57:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
51418
etag
"05406680debd225230e676efede11868"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
6032
x-amz-cf-id
q3fovubTUCPK-_XnWrm8EO4qEudKiuXKxcMn-n3e_Sz51b6Ah1ggFw==
integrator.js
adservice.google.co.in/adsid/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.in/adsid/integrator.js?domain=credit.kohls.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
integrator.js
adservice.google.com/adsid/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=credit.kohls.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		368 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4447238281814507&correlator=2737212827228622&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fif&iu_parts=17763952%2CMKC%2CLogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x128%7C1024x64%7C728x90&ifi=1&adks=1406336167&sfv=1-0-38&fsfs=1&fsapi=false&prev_scp=pos%3DLogin_MKC_Desktop_Bottom&eri=1&cust_params=channel%3Ddesktop%26env%3Dprod&sc=1&cookie_enabled=1&abxe=1&dt=1708454769466&lmt=1708454769&dlt=1708454768512&idt=630&adxs=24&adys=898&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&frm=20&vis=1&psz=1600x48&msz=1552x0&fws=0&ohw=0&ga_vid=1582223559.1708454769&ga_sid=1708454769&ga_hid=1155959633&ga_fc=false
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef0537368679b286fb0cea52f3a83485f562225ecc408fed09d1ff36f96acc0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://credit.kohls.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101301&st=env
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b2b7bbbd312cb85f24210d859a1e3dcfaca37d6d15bdb5fb09362c0d23b1beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12411
x-xss-protection
0
container.html
5167d851f111efbe284d592d30cd46ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 13A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5167d851f111efbe284d592d30cd46ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credit.kohls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 18:46:09 GMT
expires
Wed, 19 Feb 2025 18:46:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Feb 2024 18:46:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 91CA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credit.kohls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
127603
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Feb 2024 07:19:26 GMT
expires
Tue, 18 Feb 2025 07:19:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A075 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
318e4f3d027488e16b95d5caab38d809c08ff35ddcd1ca1f921dc582cdd1e437
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3OZlGfdD0y66FIj6PWcJqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credit.kohls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3OZlGfdD0y66FIj6PWcJqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 18:46:09 GMT
expires
Tue, 20 Feb 2024 18:46:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 91CA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 15:37:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
11294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Feb 2025 15:37:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A075 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101301&jk=4447238281814507&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 91CA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-xbvEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:46:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
684dd328.akstat.io/ 		0
202 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://684dd328.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 18:46:10 GMT
content-type
image/gif
access-control-allow-origin
https://credit.kohls.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Tue, 20 Feb 2024 18:46:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101301&jk=4447238281814507&bg=!jI-lj8DNAAZN4L4YbeA7ADQBe5WfOCRxxn_p8xwvamROHAGf9YKJIpNTTBbbqBWWjSTAhCu-3OOwq3LeFnZfaKWQ49qMAgAAAOVSAAAAAmgBB5kCwrjdTTbezRuWhntdDi5jQVl-3LFaaypJEz70UHpjwCkV9LSskCgQiQuOwZsstYPPB4KxKG55VuKhGeHSZC2Q5HWoFWd0sf_D8FL-dJmiUcMwBOHU4hf2zaWtz7NWE-yJwq27LhlU2_IorYgnjRn2la69fwkwKVy5gDY5DWSR-JEERB6dSccou4mxNe2jROry07nt38amXzF3_vjtSeGlo8gOq_t25axDk65qK1WthAEwdxhlP-DPRtF6qFDUtiR8fk7DEJzV0wyH4c1DPBSF0IOHvt8b95TMaK2D7Z00ehjU0Db0Mq3FBBpMAtnTEILq2kNbQDZuO2R3DbeySymwKVK1bGa30PpN-S_8r3SstGNtuEiXjxN6k2vx_sLUNwqUJ34MvBWbp1uUY6O5tPS4f8uoe8gv8CLTkH2QsdFeCghMxf3NxZ3ZMVQDY881xYbK3Y9gjsJ5sabf2bddxoY_JHCaL1Q7SCxFj-8Fdj9MkQRWyYR84eGFVMIartxg5KUT5hXMcjLhy89J4vIyzCVdoTFKulZpWbYZK04I9AnpZmsOu8ikO88qe5fj0ZNGiREqZbTQXeSB675gUXPaNTX6oXHcbOyvhNQ8OQtnQ_2sQ5GKjgD7V_zmKhkuvjfTkk294LNvrqc83ugOMYzg_F1NjGdyd4w4vjpwa8oxyqPS0cDeLtUWrLpPGHcyVtNFl_Mdm-6SUoTxWGizGtpb9xDipv7oz6PGw13VCQ_w92PdhF-V523RfzhAHMAadpIdNhvfW9B7eryxKe51jYUdpyB3Olg0NCUq9XsVAiGYvoepXRXuEoOhlmDj_jHjWxFOE_vdKBe8TZSQBkeGY17A2ulHpv24zXXwVjuwN0Xh444yM5hKkp0prNXqEuufgLao-SKbkLhzVU4CXp4lTr5zR11OOl_gsRgA7cDYLbMIWHEuoeMcZkg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| digitalData string| environment object| GLOBAL_VARIABLES object| googletag number| BOOMR_lstart object| ggeac object| google_tag_data object| google_js_reporting_queue object| OOo undefined| google_measure_js_timing number| BOOMR_onload object| BOOMR object| BOOMR_mq number| BOOMR_configt function| startFeedback object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
credit.kohls.com/ Name: __uzma
Value: 95dfb21b-d1db-4d7f-b473-2210ba866977
credit.kohls.com/ Name: __uzmb
Value: 1708454767
credit.kohls.com/ Name: __uzme
Value: 6427
credit.kohls.com/ Name: clientId
Value: AAAA4151001
credit.kohls.com/ Name: __uzmd
Value: 1708454769
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
credit.kohls.com/ Name: __uzmc
Value: 428873167330
.credit.kohls.com/ Name: RT
Value: "z=1&dm=credit.kohls.com&si=6fccaac5-1c2e-4503-bef3-7b9ca0e279b9&ss=lsupuuqo&sl=1&tt=27m&bcn=%2F%2F684dd328.akstat.io%2F&ld=2zj"

6 Console Messages

Source Level URL
Text
security error URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001(Line 54)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MmZjMWRjMjItNjdhMi00OTdlLWFjYmEtOWE4ODQ1NTJiOTA4'". Either the 'unsafe-inline' keyword, a hash ('sha256-RoK/dpcNl3dk0XtN+xEhlnDHJ+GRYk7hEnG3L2LL9n4='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001(Line 54)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MmZjMWRjMjItNjdhMi00OTdlLWFjYmEtOWE4ODQ1NTJiOTA4'". Either the 'unsafe-inline' keyword, a hash ('sha256-G7peGWkII6PET/S8vDqf93wQvsP+xol5VEup9FTtx1E='), or a nonce ('nonce-...') is required to enable inline execution.
other warning URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4447238281814507&correlator=2737212827228622&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fif&iu_parts=17763952%2CMKC%2CLogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x128%7C1024x64%7C728x90&ifi=1&adks=1406336167&sfv=1-0-38&fsfs=1&fsapi=false&prev_scp=pos%3DLogin_MKC_Desktop_Bottom&eri=1&cust_params=channel%3Ddesktop%26env%3Dprod&sc=1&cookie_enabled=1&abxe=1&dt=1708454769466&lmt=1708454769&dlt=1708454768512&idt=630&adxs=24&adys=898&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&frm=20&vis=1&psz=1600x48&msz=1552x0&fws=0&ohw=0&ga_vid=1582223559.1708454769&ga_sid=1708454769&ga_hid=1155959633&ga_fc=false
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://adservice.google.com/adsid/integrator.js?domain=credit.kohls.com
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://adservice.google.co.in/adsid/integrator.js?domain=credit.kohls.com
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MmZjMWRjMjItNjdhMi00OTdlLWFjYmEtOWE4ODQ1NTJiOTA4'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5167d851f111efbe284d592d30cd46ee.safeframe.googlesyndication.com
684dd328.akstat.io
adservice.google.co.in
adservice.google.com
c.go-mpulse.net
cdn.firstdata.com
click.t.kohls.com
credit.kohls.com
d3ksttzjeov72n.cloudfront.net
ipv4.icanhazip.com
pagead2.googlesyndication.com
s.go-mpulse.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
104.18.115.97
128.17.96.250
2600:9000:214f:9200:0:ed0d:63c0:21
2600:9000:2204:3e00:1b:64b0:3080:93a1
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2001
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a02:26f0:3100:782::11a6
2a02:26f0:3500:991::11a6
66.22.20.103
170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2a5b17b74cd096238de6258647f657d617e70b47de248d17c30d5a5e2506e9b2
318e4f3d027488e16b95d5caab38d809c08ff35ddcd1ca1f921dc582cdd1e437
33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2
3b2b7bbbd312cb85f24210d859a1e3dcfaca37d6d15bdb5fb09362c0d23b1beb
3db05c951fc1d302d25e8cb90191cb526cd0569fc1e2a4a1c85288ed9dae3e9f
4e973e1b8e6b798931086cf372b83e40c417e33c0922087dad0eb2f89fa891ac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
89bfc0327275c1288763c5c83878afb79e582e444c0fd6866a663f498f600b2b
9ead6501fd0c9db5651c81cdc5e11c5331a41b0fa0d04b83c5eeb4b85e7bcd99
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199
a83d91220814b3e0b30c051e94c211469972fec212cf8f2220ad014ce4057bd9
ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c
b2c06b9c01c888e2d493446ed94fca45875968b64a95f2b3dbabfc69098bc4eb
bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104
d72b3fdc0a82b33f62594b993241dc2a6fa693bc2a09bfd3cbe79b2a14666e72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49
eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa
ef0537368679b286fb0cea52f3a83485f562225ecc408fed09d1ff36f96acc0e
f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe
fa1149c66184468251c5473efba5a11aff90c2f2ccc54f8718e7f7f3db7ec588